Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

microsoft — Vulnerabilities & Security Advisories 8272

Browse all 8272 CVE security advisories affecting microsoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by microsoft:Windows 10 Version 1809WindowsWindows 10 Version 1507Windows 10 Version 1803Windows 10 Version 1607Windows Server 2019Microsoft 365 Apps for EnterpriseMicrosoft SharePoint Enterprise Server 2016Microsoft Edge (Chromium-based)Microsoft Office 2019Microsoft EdgeWindows 7Windows 10 Version 2004Windows 10 Version 20H2Windows 11 Version 24H2Windows 10 Version 2004 for 32-bit SystemsAzure Site Recovery VMWare to AzureWindows 10 Version 1703Microsoft SQL Server 2017 (GDR)Windows Server 2022Microsoft OfficeWindows Server 2016Microsoft SharePoint Enterprise ServerInternet Explorer 9Windows 11 version 22H2ChakraCoreInternet Explorer 11Windows Server 2008 R2 Service Pack 1Windows 10 Version 21H2Visual Studio Code
CVE IDTitleCVSSSeverityPublished
CVE-2026-33105 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability — Azure Kubernetes ServiceCWE-285 10.0 Critical2026-04-02
CVE-2026-33107 Azure Databricks Elevation of Privilege Vulnerability — Azure DatabricksCWE-918 10.0 Critical2026-04-02
CVE-2026-32213 Azure AI Foundry Elevation of Privilege Vulnerability — Azure AI FoundryCWE-285 10.0 Critical2026-04-02
CVE-2026-34401 XML Notepad: XML External Entity (XXE) Injection via Unsafe XmlTextReader in XML Diff and Schema Loading — XmlNotepadCWE-611 6.5 Medium2026-03-31
CVE-2026-34054 openssl on Windows built with openssldir set from the build machine (Uncontrolled Search Path Element) — vcpkgCWE-427 7.8 High2026-03-31
CVE-2026-32194 Microsoft Bing Images Remote Code Execution Vulnerability — Microsoft Bing ImagesCWE-77 9.8 Critical2026-03-19
CVE-2026-26137 Microsoft Exchange Elevation of Privilege Vulnerability — Microsoft Exchange OnlineCWE-918 9.9 Critical2026-03-19
CVE-2026-26136 Microsoft Copilot Information Disclosure Vulnerability — Microsoft CopilotCWE-77 6.5 Medium2026-03-19
CVE-2026-24299 M365 Copilot Information Disclosure Vulnerability — Microsoft 365 CopilotCWE-77 5.3 Medium2026-03-19
CVE-2026-26120 Microsoft Bing Tampering Vulnerability — Microsoft BingCWE-918 6.5 Medium2026-03-19
CVE-2026-23659 Azure Data Factory Information Disclosure Vulnerability — Azure Data FactoryCWE-200 8.6 High2026-03-19
CVE-2026-23658 Azure DevOps: msazure Elevation of Privilege Vulnerability — Azure DevOps: msazureCWE-522 8.6 High2026-03-19
CVE-2026-26138 Microsoft Purview Elevation of Privilege Vulnerability — Microsoft PurviewCWE-918 8.6 High2026-03-19
CVE-2026-32191 Microsoft Bing Images Remote Code Execution Vulnerability — Microsoft Bing ImagesCWE-78 9.8 Critical2026-03-19
CVE-2026-26139 Microsoft Purview Elevation of Privilege Vulnerability — Microsoft PurviewCWE-918 8.6 High2026-03-19
CVE-2026-32169 Azure Cloud Shell Elevation of Privilege Vulnerability — Azure Cloud ShellCWE-918 10.0 Critical2026-03-19
CVE-2026-0385 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability — Microsoft Edge for AndroidCWE-451 5.0 Medium2026-03-13
CVE-2026-26133 M365 Copilot Information Disclosure Vulnerability — Microsoft 365 Copilot for AndroidCWE-77 7.1 High2026-03-13
CVE-2026-26123 Microsoft Authenticator Information Disclosure Vulnerability — Microsoft Authenticator for AndroidCWE-939 5.5 Medium2026-03-10
CVE-2026-26144 Microsoft Excel Information Disclosure Vulnerability — Microsoft 365 Apps for EnterpriseCWE-79 7.5 High2026-03-10
CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability — Azure Automation Hybrid Worker Windows ExtensionCWE-287 7.8 High2026-03-10
CVE-2026-26130 ASP.NET Core Denial of Service Vulnerability — ASP.NET Core 10.0CWE-770 7.5 High2026-03-10
CVE-2026-26118 Azure MCP Server Tools Elevation of Privilege Vulnerability — Azure MCP Server Tools 1.0.0 (npm)CWE-918 8.8 High2026-03-10
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability — Arc Enabled Servers - Azure Connected Machine AgentCWE-288 7.8 High2026-03-10
CVE-2026-26110 Microsoft Office Remote Code Execution Vulnerability — Microsoft 365 Apps for EnterpriseCWE-843 8.4 High2026-03-10
CVE-2026-26109 Microsoft Excel Remote Code Execution Vulnerability — Microsoft 365 Apps for EnterpriseCWE-125 8.4 High2026-03-10
CVE-2026-26108 Microsoft Excel Remote Code Execution Vulnerability — Microsoft 365 Apps for EnterpriseCWE-122 7.8 High2026-03-10
CVE-2026-26107 Microsoft Excel Remote Code Execution Vulnerability — Microsoft 365 Apps for EnterpriseCWE-416 7.8 High2026-03-10
CVE-2026-26106 Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016CWE-20 8.8 High2026-03-10
CVE-2026-23665 Linux Azure Diagnostic extension (LAD) Elevation of Privilege Vulnerability — Azure Linux Virtual Machines with Azure Diagnostics extensionCWE-122 7.8 High2026-03-10

This page lists every published CVE security advisory associated with microsoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.